Skip to content

docker/shib-idp-standalone

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
March 20, 2017 13:03
March 20, 2017 13:03
March 20, 2017 13:03
March 20, 2017 15:16
March 20, 2017 13:03

Supported tags and respective Dockerfile links

TBD

What is Shibboleth IdP?

Shibboleth is among the world's most widely deployed federated identity solutions, connecting users to applications both within and between organizations. Every software component of the Shibboleth system is free and open source.

Shibboleth is an open-source project that provides Single Sign-On capabilities and allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

How to use this image

Since no two users of Shibboleth IdP are likely to configure it exactly alike, this image does not come with any default configuration.

Acquire Oracle Java

You should visit a page similar to this one at Oracle to download the Oracle JDK.

Select the Linux x64 RPM and agree to the Oracle Binary Code License Agreement.

Acquire JCE

You should visit a page similar to this one at Oracle to download the Oracle Java Crypography Extension policy files.

Create a Dockerfile

FROM tier/shibboleth_idp:3.3
COPY jdk-8u121-linux-x64.rpm /tmp/oracle_jdk.rpm
COPY jce_policy-8.zip /tmp/$oracle_jce_zip

Common additional sample configurations may include:

COPY server.xml /usr/local/tomcat/conf/
COPY krb5.conf /etc/

Build the container

$ docker build -t my-shibboleth-idp .

Test the configuration file

CAN THIS BE DONE? [jvf]

$ docker run -it --rm --name shibboleth-idp-test-run my-shibboleth-idp /usr/local/tomcat/bin/startup.sh

Run using a bind mount to share secrets

$ docker run -d --name my-running-shibboleth-idp -v /path/to/shibboleth_idp/certs:/opt/certs my-shibboleth-idp

Note that your host's /path/to/shibboleth_idp/certs folder should contain... TBD.

You may need to publish the ports your Shibboleth IdP is listening on to the host by specifying the -p option, for example -p 8080:80 to publish port 8080 from the container host to port 80 in the container. Make sure the port you're using is free.

Reloading config

TBD

N.B. that if every config file were on the bind mount, a REHUP of the container would work, but with the files scattered about the filesystem / unspecified....

License

Supported Docker versions

User Feedback

Issues

Contributing

Documentation

About

Shibboleth IdP container designed for standalone use

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages